GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,967
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,076
Pub
10
RubyGems
832
Rust
781
Swift
34
Unreviewed advisories
All unreviewed
5,000+
10,620 advisories
Filter by severity
A vulnerability was found in Emlog Pro 2.3.4. It has been classified as problematic. This affects...
Low
Unreviewed
CVE-2024-5044
was published
May 17, 2024
Authentication Bypass by Spoofing vulnerability in helderk Maintenance Mode allows Functionality...
Low
Unreviewed
CVE-2024-32708
was published
May 17, 2024
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS vulnerability in...
Low
Unreviewed
CVE-2024-4214
was published
May 17, 2024
Authentication Bypass by Spoofing vulnerability in Pippin Williamson CGC Maintenance Mode allows...
Low
Unreviewed
CVE-2024-30480
was published
May 17, 2024
Authentication Bypass by Spoofing vulnerability in Filipe Seabra WordPress Manutenção allows...
Low
Unreviewed
CVE-2024-22139
was published
May 17, 2024
Out-of-bounds read for some Intel(R) Trace Analyzer and Collector software before version 2022.0...
Low
Unreviewed
CVE-2024-22384
was published
May 16, 2024
NULL pointer dereference in some Intel(R) oneVPL software before version 23.3.5 may allow an...
Low
Unreviewed
CVE-2023-48727
was published
May 16, 2024
Out-of-bounds write in Intel(R) Media SDK all versions and some Intel(R) oneVPL software before...
Low
Unreviewed
CVE-2023-47282
was published
May 16, 2024
Improper buffer restrictions in Intel(R) Media SDK software all versions may allow an...
Low
Unreviewed
CVE-2023-47169
was published
May 16, 2024
Hardware logic contains race conditions in some Intel(R) Processors may allow an authenticated...
Low
Unreviewed
CVE-2023-45733
was published
May 16, 2024
Improper input validation in some Intel(R) CBI software before version 1.1.0 may allow an...
Low
Unreviewed
CVE-2023-43745
was published
May 16, 2024
Improper conditions check in Intel(R) Power Gadget software for macOS all versions may allow an...
Low
Unreviewed
CVE-2023-38420
was published
May 16, 2024
Out-of-bounds read in Intel(R) Media SDK and some Intel(R) oneVPL software before version 23.3.5...
Low
Unreviewed
CVE-2023-22656
was published
May 16, 2024
In JetBrains TeamCity between 2024.03 and 2024.03.1 several stored XSS in the available updates...
Low
Unreviewed
CVE-2024-35300
was published
May 16, 2024
Monolog Header injection in NativeMailerHandler
Low
GHSA-f57v-q966-7fh6
was published
for
monolog/monolog
(Composer)
May 15, 2024
Laravel Encrypter Failure to decryption vulnerability
Low
GHSA-6wjw-qf87-fv5v
was published
for
illuminate/encryption
(Composer)
May 15, 2024
datadog/dd-trace Circumvents open_basedir INI directive
Low
GHSA-qvgg-r6rq-vwfx
was published
for
datadog/dd-trace
(Composer)
May 15, 2024
Broken Authentication vulnerability discovered in OpenText™ iManager 3.2.6.0200. This...
Low
Unreviewed
CVE-2024-3487
was published
May 15, 2024
On Windows systems, the Arc configuration files resulted to be world-readable.
This can lead...
Low
Unreviewed
CVE-2023-5937
was published
May 15, 2024
Duplicate Advisory: Nokogiri updates packaged libxml2 to v2.12.7 to resolve CVE-2024-34459
Low
GHSA-r3w4-36x6-7r99
was published
for
nokogiri
(RubyGems)
May 14, 2024
•
withdrawn
Grafana Forward OAuth Identity Token can allow users to access some data sources
Low
CVE-2022-21673
was published
for
github.com/grafana/grafana
(Go)
May 14, 2024
containerd started with non-empty inheritable Linux process capabilities
Low
GHSA-c9cp-9c75-9v8c
was published
for
github.com/containerd/containerd
(Go)
May 14, 2024
NATS server TLS missing ciphersuite settings when CLI flags used
Low
CVE-2021-32026
was published
for
github.com/nats-io/nats-server/v2
(Go)
May 14, 2024
sshproxy vulnerable to SSH option injection
Low
CVE-2024-34713
was published
for
github.com/cea-hpc/sshproxy
(Go)
May 14, 2024
TYPO3 vulnerable to an HTML Injection in the History Module
Low
CVE-2024-34355
was published
for
typo3/cms-core
(Composer)
May 14, 2024
ProTip!
Advisories are also available from the
GraphQL API